confessions of a recovering environmentalist,Paul Kingsnorth

posing as a fraud

isbn: 9780571329694 is a book i finally decided to read only to find the author is a poet*.  95% of this has been seen in print already. Occasionally an odd thought comes through the usual ‘poet’s garbage but no actual stuff that i have not known of (my blog) or worthy of comment.

Fortunately the author sees that both sides green and anti green both have biases which means either somebody has to change rather than being a doormat (my blog) for the labour party rather than hope they are the same as the greens by not standing for election.

Meh 0/5 bananas for a radically ‘original’ writer of waffle and hot air.

*oh shit

debian 93

Did not do anything seriously nasty that i was immediately aware of and the systemd fault mentioned here (my blog) means systemd cannot load postfix on start up at all systend is very shit software.

zeitgeist-daemon is another headache with systemd as i baked a disk and could not start the x server on the machine on next login.  So i killed all my users processes [not root] and gave up and found some hardware elsewhere that worked.  I shall look into removing zeitgeist-daemon

I think i also lost x access for root in 9.2 as well not that i use it often [once a year] but having a gui as root is nicer than vi when you have four servers to do stuff to..

I could see a migration to the bsd way if things continue to go a certain way.- I demand very little but when systemd wont start stuff,magic daemons stop x and none of it your fault then perhaps linux as a server is not the thing i thought it was.

On that thought lets leave as accommodating linux quirks is possible but not that desirable perhaps you can justify calling /usr/sbin/postfix instead of using systemd in scripts but i feel perhaps there is something that works rather than is supposed too but does not.

I look forward to exploring bsd and knowing more so i can make an informed choice.

gendered book reviews and unsold toys

There is a website i occasionally visit for books to read  but i do not find any to read.  Most of the reviews are by women reviewing other women authors for the sisterhood can not read anything else.  It is not a sjw field say feminism .

Can men not write books ? apparently not and since even i can spot this trend and who is to say the reviewed books are any good after all vagina good and penis bad.

This is a publishers site as well so i guess they do not want to sell books which i am happy to help with and will help them in there bias after all who says those are the books i think worthy of reading.

Of related interest I was watching a video of a fan (my blog) explore the unsold toy products* (my blog) and it relates quite well since the sjw press noted above demanded action figures in a certain gender.  So the fans exploration in retail bricks and mortar shops around there area was eye opening.  The brand could be said to be doing poorly, and those ‘demanded’ things in the name of website writers where very much heavily discounted  available in vast quantities..

Fancy that.

*it appears that sjw writers do not understand female toys.

curious caa records

The zoo has a tls supplier without caa support (my blog) for one domain (zoo4) it means no ca (as in ssl) can issue a certificate with its caa record

While correct it also means that the issuer of the current certificate cannot sell us a new one but all will inform us that somebody tries to.

mafia run ssl

So if your tls issuer and cannot be bothered to support caa like my zoo4 example i do not think you will be selling us another.

I can change the caa record but if you make it pointless why should i. Guess they don’t care for money.

Makes life harder for us all and the ssl mafia ..  Renewal time shall be fun if they check the caa record..

Cleaning up challenges
Failed authorization procedure. mail2.zoo (dns-01): urn:acme:error:caa :: CAA record for mail2.zoo prevents issuance

Security …

tls renewal time from the last time i did them

It was tls renewal time once again in the past so i decided to switch suppliers (my third) and go for sslmate after all i you find horrible holes in systemd then you need to be rewarded.  I had no idea what i was letting myself in for but in fact it is way better than letsencrypt (my blog) as it uses email contacts instead of some shit http server to validate.

This is paid for rather than ‘free’ and the sslmate does work nicely as a cli although dont ask it to make a postfix tls instance.  If you use microsoft windows then your not intelligent enough imho.

Once you have an account (a website job) and the software you just ask for mail10.zoo1 and it creates the csr and once validated by the carbon based unit it takes the money and deposits four files on your computer.

Being weird i use mail10.zoo1 for email tls and generally know what i am supposed to be doing but it should work as a www thing if your average.

babymemeComodo issue the certificates and most of my changes worked on the first attempt. Comodo’s new owner is an issue.

That’s basic usage for one host.  You can also specify a spending limit per day so if you have issues like that then a low amount means your get an email saying so.

I need multi host ssl for .zoo and they offer it at a most reasonable price so .zoo and mail10.zoo will all be covered with tls.  Doing this with other resellers would mean an expensive wildcard cert that would unused or two standard ssl certs and while it is not that hard i want something better.

Multi host as an experiment did not work the way i expected and the firm did not respond to my email.  However i have enough brains to work around the issue.

Generally i can do dane (my blog) and so website ssl but only on http://www.zoo not .zoo. it was not worth the extra money to add it but config wise with the extra hosts in the certificate it makes hashing of tlsa easy.

Next year i do not see much point in long term certs as things change say sha1 replaced with 256 so at some point your going to replace the cert with a new one but new hash.   Its still work.

I was able to get a cert and the chain files and adjust configs rather than be inflicted with apache configs and unknown postfix something that other things insist on fixing despite me knowing what i am doing.

Would i do it again – individual is cheaper and perhaps worth setting up say www. and *.zoo so this is not a total waste of time one i will put down to experience despite wasting http://www.mail10.zoo as an unused address.

The more complex the cli command the less intuitive it becomes and the documentation on the website is lacking but kind of guessable.

Maybe i go for a wildcard ssl next time.

Both times i got a pdf invoice.


Don’t mention the Murdochs…

I read Max Clfford (my blog) has died in prison  While Clifford may have preyed on foolish people with a ‘tale to tell’, the Murdoch family (my blog( paid him what they wanted too.

A value statement of dubious value.

Having himself stated

Every day, every week, every month, a lot of the lies that you see in the newspapers, in the magazines, on television, on the radio, are mine.

Mean the Murdoch family and News international are also partly responsible and not the arbiters of the fourth estate he and others there think they be*, although oddly Murdoch can do no wrong but Clifford could.  Funny that.

*Max Clifford news is ‘fake’

some films seen by the monkey house

In which the monkey house sees some thing not in a cinema too.  This post is extremely time delayed.

turnerMr Turner

imdb: /tt2473794 is  a luvvies film (my blog) by Ken Loach (my blog) which i could not find in a cinema on its release.  If you have bought a lottery ticket then you also paid for it.

Dull as dishwater in places but it certainly has no superheroes in.

4/5 bananas


imdb: tt0443272 was made in 2012 and a first see although i think it had been on before but was deemed an non view..

4/5 bananas.

John Wick

imdb: tt2911666 was seen on netflix and i enjoyed it, not sure of those multiple drops from height and no injury but a well made film where talent excels rather than have to be part of a brand so for what it is much better maybe a standout film for this decade?

3/5 bananas.


J-drama’s and anime update

So what is new in J-Drama ? that i found worthy of viewing

jiuJiu – Special Investigation Team is a police drama that i got into there is murder and guns to be found here along with an commentary about honour and stuff.

Another is Painless: The Eyes for Signs which is at time a curious drama but worth the ten episode watch.

In mentioned before Showa Genroku Rakugo Shinju (my blog) is back and recommended..

Netflix (my blog) seems to have some good j-drama (and some anime) I think your lie in april was elsewhere but for a anime is/was on netflix now and well worth a see, it has a production value that all should see.